I'm still hoping for the day I can create a bunch of VLAN interfaces atop that single eth. interface to capture tagged traffic AND simultaneously apply a bridge directly to the ethernet and have it ONLY capture untagged traffic. Or perhaps have a VLAN work-around whereby a special VLAN interface (maybe use vlan-id=0 perhaps?) can be created that captures untagged traffic on an eth. port.
In 3.x (and I suspect it's still true in 4.x), inbound mixed tagged/untagged traffic will ALL be captured by the bridge applied to the eth. interface, and the VLAN interfaces will see nothing. And if I recall correctly, attempting to layer VLAN interfaces atop a bridge didn't work either.
In the above example, ether1 would have mixed tagged/untagged traffic, ether2 only tagged traffic, and ether3 only untagged traffic. The above example assumes a new feature vlan-id=0 to create a VLAN subinterface to capture untagged traffic on a mixed tagged/untagged port.
Code: Select all
[admin@mikrotik] > /interface vlan print Flags: X - disabled, R - running, S - slave # NAME MTU ARP VLAN-ID INTERFACE 0 R eth1_untagged7 1500 enabled 0 ether1 1 R eth1_vlan8 1500 enabled 8 ether1 2 R eth1_vlan9 1500 enabled 9 ether1 3 R eth2_vlan7 1500 enabled 7 ether2 4 R eth2_vlan8 1500 enabled 8 ether2 5 R eth2_vlan9 1500 enabled 9 ether2 [admin@mikrotik] > /interface bridge port print Flags: X - disabled, I - inactive, D - dynamic # INTERFACE BRIDGE PRIORITY PATH-COST HORIZON 0 eth1_untagged7 vlan7_bridge 0x80 10 none 1 eth1_vlan8 vlan8_bridge 0x80 10 none 2 eth1_vlan9 vlan9_bridge 0x80 10 none 3 eth2_vlan7 vlan7_bridge 0x80 10 none 4 eth2_vlan8 vlan8_bridge 0x80 10 none 5 eth2_vlan9 vlan9_bridge 0x80 10 none 6 ether3 vlan9_bridge 0x80 10 none
So... is this possible yet in 4.x (not using vlan-id=0, but the ability to split/separate out untagged from tagged traffic)?
If not, is there any chance of a feature like this (probably easiest to do it with a vlan-id=0 hack) in future versions?